The US House Select Committee on the Chinese Communist Party, chaired by John Moolenaar, and its Ranking Member, Raja Krishnamoorthi, have once again raised concerns about the security risks posed by TP-Link products. In a letter addressed to Commerce Secretary Gina Raimondo on August 13, the lawmakers called for an investigation into the popular networking equipment manufacturer.
Citing “open-source information,” Moolenaar and Krishnamoorthi expressed unease about the vulnerabilities present in TP-Link devices and their compliance with Chinese laws. They highlighted the Chinese government’s alleged use of SOHO routers, such as those made by TP-Link, in cyberattacks against the United States. The letter emphasized that the combination of vulnerabilities in TP-Link products and China’s track record of cyber espionage raised significant concerns.
The concerns raised by the committee were further corroborated by an analysis published by Microsoft in October. The analysis identified compromised TP-Link devices as crucial components of a China-linked hacking operation known as “CovertNetwork-1658.” These routers were reportedly used to conceal the origin of cyberattacks targeting American critical infrastructure. The operation, named Volt Typhoon, was part of a larger campaign aimed at undermining US cybersecurity.
The implications of TP-Link’s alleged involvement in cyber espionage activities have sparked calls for immediate action. Lawmakers have urged the Commerce Department to investigate the matter thoroughly and take necessary steps to mitigate the risks posed by TP-Link products. The potential impact of compromised networking equipment on national security and critical infrastructure has raised alarms within the cybersecurity community.
In response to these allegations, TP-Link has denied any wrongdoing and has reiterated its commitment to cybersecurity. The company has stated that it takes the security of its products seriously and complies with all relevant regulations and industry standards. TP-Link has also emphasized its efforts to address vulnerabilities promptly and work with government agencies to ensure the integrity of its products.
Despite TP-Link’s assurances, the concerns raised by the US House Select Committee on the Chinese Communist Party remain valid. The ongoing debate over the security risks associated with TP-Link products underscores the complex nature of cybersecurity in an interconnected world. As threats from state-sponsored hacking operations continue to evolve, the need for robust cybersecurity measures and close collaboration between government and industry stakeholders has never been more critical.